Question about account security

[Leila]

Can CGers still steal your password if your browser is set to never remember the passwords? Or do you have to physically clear your cookies every time you log in to prevent being CG'd?

 

It's happened to me once and I really don't want it to happen again, so I've tried not saving any passwords, which makes it a little extra effort to log in, but I figure it's worth it. That is, if it actually helps. A little unclear on how CGers work. Any suggestions for security (besides the usual not clicking on links, etc.) would be much appreciated. :)

[hrtbrk]

As far as I know, it's hard for CGers to get your password. What they take is your cookie (no password needed) and use that to log in.

 

Remembering passwords isn't stored in a cookie, if I recall, it's stored someplace else, so saying yes/no shouldn't make any difference.

 

The best way to nullify CGers is to log out. It makes that login cookie session invalid and starts a new one.

 

if you're wishing to be extra cautious, you can install NoScript and RequestPolicy on Firefox/Chrome. These tools will automatically disable any flash/javascript etc applications. You will only be able to see them and have them run at your request.

 

If you view the Neoboards, use plain text with signatures off. (Help Chat suggestions.)

 

Maybe Theo could come in and offer some more suggestions/clarifications.

[Leila]

I didn't know fonts and signatures could include malicious coding. :guiltysmiley: I've always browsed with fonts on...

[hrtbrk]

I'm honestly not sure how it works.

It was just a suggestion one of the boards had, which a lot of people seemed to agree on haha

[Lady Lyuba]

It's why it's a good idea to turn the font effects on the Neoboards off. It might make reading them a bit confusing, but it helps. Without the font effects you can tell a CGer when you see one - they have binary code in their fonts!

[Leila]

Drat, I worked so hard on my font lol. It will break my heart to turn it off. :rolleyes_anim:

[Lady Lyuba]

^ Hey, on the upside, other players will be able to see your fonts; even if you can't.

[summertwinkle]

What I do is put a pin on changing email, so it prevents any hackers from completely taking over the account. The pin is a pretty good measure but it can get annoying if you're trying to protect everything, since every task you do will require entering in a pin.

 

I'm having a hard time understanding how this cookie grabbing works either :/

 

But if I ever get logged in/logged out at weird times...I'd change my password asap....

[Xepha]

Drat, I worked so hard on my font lol. It will break my heart to turn it off. :rolleyes_anim:

 

 

An alternative to that, for those who want to take a lot of precautions, is to use a side account that you don't care about to browse and post on the Neoboards. ;)

[shiranui_xiii]

So we're all on the same page here, a cookie is something that tells a website if you're logged in or out (... well, in layman's terms! :P). CGers steal your cookie or make a carbon copy of it.

 

The easiest way to avoid CGers is to avoid any user-made/modified part of the website. This includes:

• User Shops
• User Galleries
• User Lookups
• Pet Lookups
• Pet Pages

Neomail should be safe, and the Neoboards are iffy at best.

 

If you think you've been hit by a CGer, immediately log out and back in. This makes the stolen cookie worthless. Remember to change your password and to put a PIN on everything you can.

 

Depending on your browser, you can download addons that help protect you. If you're a Firefox user, grab NoScript.

 

It's also a good idea to have a strong password on your account. TDN has an informative article on this.

[Alynniae]

So we're all on the same page here, a cookie is something that tells a website if you're logged in or out (... well, in layman's terms! :P). CGers steal your cookie or make a carbon copy of it.

 

The easiest way to avoid CGers is to avoid any user-made/modified part of the website. This includes:

• User Shops
• User Galleries
• User Lookups
• Pet Lookups
• Pet Pages

Neomail should be safe, and the Neoboards are iffy at best.

 

If you think you've been hit by a CGer, immediately log out and back in. This makes the stolen cookie worthless. Remember to change your password and to put a PIN on everything you can.

 

Depending on your browser, you can download addons that help protect you. If you're a Firefox user, grab NoScript.

 

It's also a good idea to have a strong password on your account. TDN has an informative article on this.

 

extra add-on: if you're using google chrome: download Notscripts, it's almost the same, it's a little bit tricky to enable it (with a password) but it really helps, without it, i would have been CG so many times ;)

[shiranui_xiii]

extra add-on: if you're using google chrome: download Notscripts, it's almost the same, it's a little bit tricky to enable it (with a password) but it really helps, without it, i would have been CG so many times ;)

 

*facepalm* I completely forgot Chrome existed when I made that post. I really should drink more coffee before posting on the forums. :P

 

I highly recommend Notscripts too. I agree; it is a bit tricky at first, but the extra security you get is priceless.

[Sweetdang]

I use it too.

 

Just remember that when a site doesn't work, or you can't press some buttons, to click the little Notscripts icon in your bar (you'll see when you download it) and enable the site. Don't panic or freak out just yet - I spent ages retyping a form because I forgot to enable the site. :P

[Leila]

Doesn't it become a big pain to not use any user made shops, galleries, or petpages? I imagine it would.

 

I enjoy using the NeoBoards for trading and such, so I click on several links a day, although not without taking a look at the account status first...